Tracer Placement with Limitation nodes in Protection Area

• Main Authors: Ven-Chen Cheng, 陳文誠
• Other Authors: Chun-Hsin Wang
• Format: Others
• Language: zh-TW
• Published: 2011
• Online Access: http://ndltd.ncl.edu.tw/handle/33532800697451790321

碩士 === 中華大學 === 資訊工程學系碩士班 === 99 === Distributed Denial of Service (DDoS) attacks become one of serious network security problems in recent years. To defend DDoS attacks effectively is to find attack origins first by enhanced routes referred to as tracers. Then attack traffic can be blocked by filter nodes close to attack origins. In addition, the log of attack origins can be used to the evidence for post-attack law enforcement. The performance of locating attack origins will depend on the number of deployed tracers and location of them. In previous work, tracers are placed to surround a network area which we referred to as protection area. Attack path can be guaranteed to travel at least one tracer within a limit hop count and attack origins can be traced back to which protection area is.But the cost of searching real attack origins will be high once the number of nodes in protection area is too many. In this thesis, we proposed five methods to improve previous work by bounding the number of nodes in each protection area. Simulation results show that our proposed methods can limit the number of nodes in protection areas with a little extra tracers compared to previous work. Keywords: DDoS;Tracers